Data at risk

S3 Bucket Allows Authenticated READ Access

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Ensure that the contents of your S3 buckets cannot be listed by AWS authenticated accounts or IAM users, in order to protect your S3 data against unauthorized access. An S3 bucket that allows READ (list) access to authenticated users gives AWS accounts or IAM users the ability to list the objects within the bucket and to use that information to find objects with misconfigured ACL permissions and exploit them.

Recommended Mitigation

Change the {AwsS3Bucket} bucket policy to block authenticated READ access.
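
One way to check for this condition, as an added example that is not part of the original rule or of any vendor's code: it assumes the finding comes from a bucket ACL grant to the S3 `AuthenticatedUsers` group and works on a constructed ACL in the shape of an S3 GetBucketAcl response. The function names and the sample ACL are hypothetical.

```python
# Added example: flag and strip bucket ACL grants that let any authenticated
# AWS principal list the bucket. Input mirrors an S3 GetBucketAcl response.
AUTH_USERS_URI = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
LIST_PERMISSIONS = {"READ", "FULL_CONTROL"}  # both permissions allow listing objects


def is_authenticated_read(grant):
    """True if the grant gives list access to the AuthenticatedUsers group."""
    grantee = grant.get("Grantee", {})
    return (
        grantee.get("Type") == "Group"
        and grantee.get("URI") == AUTH_USERS_URI
        and grant.get("Permission") in LIST_PERMISSIONS
    )


def find_authenticated_read(acl):
    """Return the grants that trigger this rule."""
    return [g for g in acl.get("Grants", []) if is_authenticated_read(g)]


def remediated_policy(acl):
    """Return an access control policy with the offending grants removed.

    Every other grant is kept as-is, including grants this rule does not cover.
    """
    kept = [g for g in acl.get("Grants", []) if not is_authenticated_read(g)]
    return {"Owner": acl["Owner"], "Grants": kept}


# Constructed sample ACL (placeholder owner ID, not from a real bucket).
OWNER_ID = "EXAMPLE-OWNER-CANONICAL-ID"
SAMPLE_ACL = {
    "Owner": {"ID": OWNER_ID},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": OWNER_ID}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS_URI}, "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS_URI}, "Permission": "READ_ACP"},
    ],
}

if __name__ == "__main__":
    for g in find_authenticated_read(SAMPLE_ACL):
        print("FINDING:", g["Grantee"]["URI"], g["Permission"])
    print("Grants kept after remediation:", len(remediated_policy(SAMPLE_ACL)["Grants"]))
```

The dictionary returned by `remediated_policy` has the `Owner`/`Grants` shape that boto3's `put_bucket_acl` accepts as `AccessControlPolicy`.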